Last update: June, 28th 2022
Microsoft does not take any action in case of an SPF fail. Set up a stricter processing on EOP for a better protection.
SPF, or Sender Policy Framework, is a method to validate that an email may be sent from a specific domain (from declared host or IP).
When the IP address of a sender and their SPF don't match (SPF fail, TempError or PermError), their emails still end up in your inbox by default. For a better protection when receiving an email, you can choose to set up a stricter filtering method by updating your filtering policy.
Sending message to Junk folder
1. Log in to Microsoft 365 Defender.
2. Go to ポリシーとルール > click 脅威ポリシー > スパム対策ポリシー.
3.Click on 迷惑メール対策の受信ポリシー (既定).
4. In section バルク メールのしきい値とスパムのプロパティ click on スパムのしきい値とプロパティを編集する.
5. Turn the SPF レコード: ハード フェイル toggle on and click 保存.
After a few minutes, your emails will be moved to junk folder whenever the IP address and the SPF don't match.
Strict reject
If you want to respect the SPF RFC, a reject must be made if there's a PermError or a SPF fail result. To be strict on such result, you have to add a mail flow.
1. Log in to Microsoft 365 admin center and click すべて表示 > Exchange in the left menu.